namespace Billing2
{
    using AjaxControlToolkit;
    using Microsoft.Reporting.WebForms;
    using System;
    using System.Web.UI;
    using System.Web.UI.HtmlControls;
    using Microsoft.Security.Application;

    public class CRReportForm : Page
    {
        protected HtmlForm form1;
        protected HtmlHead Head1;
        protected ReportViewer ReportViewer1;
        protected ScriptManager ScriptManager1;
        protected System.Web.UI.WebControls.HiddenField request_id;

        protected void BindReportData()
        {
            ClsChangeRequest clsCR = new ClsChangeRequest {
                ID = Convert.ToInt64(this.ViewState["CRID"].ToString())
            };
            ReportDataSource rds1 = new ReportDataSource("ChangeRequest", clsCR.SelectByIDForReport());
            this.ReportViewer1.LocalReport.DataSources.Clear();
            this.ReportViewer1.LocalReport.DataSources.Add(rds1);
            this.ReportViewer1.LocalReport.Refresh();
        }

        protected void Page_Load(object sender, EventArgs e)
        {
            this.Response.AppendHeader("Cache-Control", "no-store");
            this.Response.AppendHeader("Cache-Control", "no-cache");
#if !DEV
            this.Response.AppendHeader("Content-Security-policy", "default-src https: data: 'unsafe-inline' 'unsafe-eval'");
#endif

            if (this.Session["SiteID"] == null)
            {
                base.Response.Redirect("default.aspx", true);
            }
            if (!this.Page.IsPostBack)
            {
                this.ViewState["CRID"] = Convert.ToInt64(this.CR.ChangeRequestID);
                this.BindReportData();
            }

            //anti CSRF
            if (!this.Page.IsPostBack)
            {
                string anti_csrf = ClsPasswordHelper.Encrypt("anti_csrf" + MyLib.Rand.RandomInt(0, int.MaxValue - 1).ToString()).Replace("=", "").Replace("/", "").Replace("+", "");
                this.request_id.Value = anti_csrf;
                this.Session["request_id"] = anti_csrf;
            }
            else
            {
                if (this.Session["request_id"] == null || this.request_id.Value != this.Session["request_id"].ToString())
                {
                    EPPLog.Logger.Error(Common.EscapeLog(String.Format("Detecterd CSRF1. RawUrl={0} request_id={1} inSession={2}", this.Request.RawUrl, this.request_id.Value, this.Session["request_id"])));
                    base.Response.Redirect("logout.aspx", true);
                    return;
                }
            }
        }

        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);
            ViewStateUserKey = Session.SessionID;
        }

        public ChangeRequest CR
        {
            get
            {
                return (ChangeRequest) base.PreviousPage;
            }
        }
    }
}
